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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)K Responsive to communication(s) filed on 21 April 2003 . 
2a)Q This action is FINAL. 2b)[X] This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) S Claim(s) 1-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) [3 Claim(s) 10-19 is/are allowed. 

6) [3 Claim(s) 1-4,6-9 and 20-25 is/are rejected. 

7) ^3 Claim(s) 5, 20 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

11) S The proposed drawing correction filed on 21 April 2003 is: a)£3 approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 

Attachment(s) 



1) H Notice of References Cited (PTO-892) 

2) d Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) O Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 



4) □ Interview Summary (PTO-41 3) Paper No(s). 

5) □ Notice of Informal Patent Application (PTO-152) 

6) □ Other: 



U.S. Patent and Trademark Office 
PTO-326 (Rev. 04-01) 
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DETAILED ACTION 
Specification 

1 . The examiner approves correction made to the specification. The examiner withdraws 
objection of the specification. 

Claim Rejections - 35 USC §101 
The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

2. Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to 
non-statutory subject matter. 

Claim 20 is directed towards a computer program for controlling the client to request a 
first secure connection to the proxy and a computer program for controlling the proxy to use the 
session master secret and a session identifier to generate given cryptographic information. A 
review of the specifications, see pages 21-22, reveals that elements are entirely software and 
includes no tangible elements. The examiner suggests incorporation of a computer or a 
computer readable medium to avoid this rejection. 

Claims 21-24 additional software elements or more detail to elements recited in claim 20. 

3. Applicant's arguments, see page 22, filed 3/31/03, with respect to the claims have been 
fully considered and are persuasive. The rejection of the claims has been withdrawn. 

Claim Rejections - 35 USC §112 

4. Applicant's arguments, see pages 22-23, filed 3/31/03, with respect to claims 3-5 and 1 1- 
13 have been fully considered and are persuasive. The rejection of claims 3-5 and 11-13 has 
been withdrawn. 
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Claim Objections 

5. Claim 20 is objected to because of the following informalities: omitted word. On line 
14, the word "secret" is omitted. Appropriate correction is required. 

Double Patenting 

A rejection based on double patenting of the "same invention" type finds its support in 
the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and 
useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same 
invention," in this context, means an invention drawn to identical subject matter. See Miller v. 
Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); 
and In re Vogel, 422 R2d 438, 164 USPQ 619 (CCPA 1970). 

A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by 
canceling or amending the conflicting claims so they are no longer coextensive in scope. The 
filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 
U.S.C. 101. 

6. Claims 1, 6-10, 17, 18 and 20-25 are rejected under 35 U.S.C. 101 as claiming the same 
invention as that of claims 1, 6-10, 17, 18 and 20-25 of prior U.S. Patent No. 6,584,567. This is 
a double patenting rejection. 

Claim Rejections - 35 USC §103 
The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

7. Applicants arguments filed 3/31/03 have been fully considered but they are not 
persuasive. 

As to claim 1, the applicant argues on page 24 that Vu does not disclose that there are 
two communication sessions between the client and the gateway. Examiner respectfully 
disagrees. As discloses in column 8, lines 54-64, the process then authenticates the client's 
authorization to access the requested service and if the client 16 is determined to have the 
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required authorization, the gateway station 14 initiates a second communications process 19 
with the remote host 46 in which the gateway station 14 simulates the client 16 without 
revealing the client address. Once the two communication sessions 17, 19 are operative, 
communication is effected between the client 16 and the host 46 by passing communication 
data between the two interdependent communication sessions. The examiner asserts that the 
authentication process for the client's authorization to the requested services would have been 
the first session and communication process 19 would have been the second communications 
session. 

On page 26, the applicant argues that the combination of Vu and Raivisto does not show 
two communication sessions between a terminal/client and a mediator/gateway/proxy as 
claimed in the present invention. Examiner respectfully disagrees. As discussed above, Vu 
clearly teaches the claimed communication sessions. Vu was used to teach the client and the 
server negotiating a session master secret and delivering the session master secret to the proxy 
using the first secure session to enable the proxy to participate in the secure communication. 
Vu was not used to teach the two communication sessions between a terminal/client and a 
mediator/gateway/proxy. 

As to claims 6-8, the applicant argues on page 27 that Davis et al does not teach the claim 
elements of independent claim 1 . The examiner asserts that Davis et al was used to teach that it 
was obvious to use network security protocols such as SSL and TLS. The elements of 
independent claim 1 are taught by the combination of Vu and Raivisto, as discussed above. 

As to claim 9, the applicant argues on page 27 that Rosecrans et al does not teach the 
claim elements of independent claim 1. The examiner asserts that Rosecrans et al was used to 
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teach that the server was a Web server and the client was a pervasive computing client. The 
elements of independent claim 1 are taught by the combination of Vu and Raivisto, as discussed 
above. 

In response to applicant's argument that there is no suggestion to combine the references, 
the examiner recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 
1992). In this case, Davis et al provides motivation for using SSL or TLS. Davis et al teaches 
that SSL and TLS provides message privacy and provides data integrity for messages being 
transmitted [column 2, lines 6-16]. Rosecrans et al teaches that The interface, incorporated in a 
telephone, enables users to send stored graphical information, tied to selected numbers, to other 
users' phones for use or storage, by scrolling through stored graphics, displayed by the interface 
on the phone, to locate a graphic associated with a person or place to be called, and then, by 
pressing SEND, the particular phone number or numbers linked to the selected graphic are 
activated and the call or calls are made, see abstract. 

The indicated allowability of claims 2-4 and 20-25 is withdrawn in view of the newly 
discovered reference(s) to Gabber et al and Hu. Rejections based on the newly cited reference(s) 
follow. 
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8. Claim 2 is rejected under 35 U.S.C 103(a) as being unpatentable over Vu U.S. Patent 
No. 5,623,601 and Raivisto U.S. Patent No. 6,081,601 as applied to claim 1 above, and 
further in view of Gabber et al U.S. Patent No. 5,961,593. 

As to claim 2, the Vu-Raivisto combination teaches that the proxy uses a session master 
secret to generate cryptographic information, as discussed above. 

The Vu-Raivisto combination does not teach that the proxy uses the session master secret 
and a session identifier to generate given cryptographic information. 

Gabber et al teaches a proxy that uses a session master secret and a session identifier to 
generate cryptographic information [column 7, lines 40-54]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Vu-Raivisto combination so that proxy would 
have generated cryptographic information using the session master secret and a session 
identifier. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Vu-Raivisto combination by the teaching of Gabber et 
al because there is no permanent secret information stored on the proxy system [column 7, lines 
43-46]. 

As to claim 3, the Vu-Raivisto-Gabber combination teaches the step of having the proxy 
modify requests and responses following the receipt of the session master secret and generation 
of the given cryptographic information [Gabber column 1 1, lines 37-53]. 
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As to claim 4, the Vu-Raivisto-Gabber combination teaches that the proxy performs a 
given service on behalf of the client while modifying content from the server [Gabber column 
12, lines 45-56]. 

9. Claims 20-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hu U.S. 
Patent No. 5,586,260 and Raivisto U.S. Patent No. 6,081,601. 

As to claims 20 and 25, Hu discloses a client, server and proxy [figure 2]. Hu discloses a 
network protocol service for enabling the client and server to communicate over a secure 
connection [column 4, lines 5-17], Hu discloses a computer program for controlling the client to 
request a first secure connection to the proxy [column 4, lines 18-43]. Hu discloses 
authenticating the validity of a certificate from the proxy, for controlling the client to request a 
second secure connection to the proxy [column 4, lines 59-66]. Hu discloses that the second 
secure connection requests the proxy to act as a conduit to the server [column 5, lines 41-58]. 

Hu does not teach controlling the client to negotiate with the server through the conduit 
to obtain a session master secret. Hu does not teach controlling the client to deliver the session 
master secret to the proxy using the first secure session. Hu does not teach a computer program 
for controlling the proxy to use the session master secret and a session identifier to generate 
given cryptographic information. Hu does not teach that the proxy modifies content in 
communications between the client and the server. 

Raivisto teaches controlling the client to negotiate with the server through the conduit to 
obtain a session master secret. Raivisto teaches controlling the client to deliver the session 
master secret to the proxy using the first secure session [column 4, lines 60-64]. Raivisto teaches 
a computer program for controlling the proxy to use the session master secret and a session 
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identifier to generate given cryptographic information. Raivisto teaches that the proxy modifies 
content in communications between the client and the server [column 5, lines 2-14]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Hu so that after the second session took place, the 
client and the server would have negotiated a master secret. After a successful negotiation, the 
client would have delivered the session master secret to the proxy using the first secure session. 
The proxy would have been then able to generate cryptographic information using the secret and 
a session identifier. The client would have been able to modify content in communications 
between the client and the server. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Hu by the teaching of Raivisto because is that the 
management of keys and other parameters needed for connection security is simple and secure. 
When applying this method, only a few security parameters need to be stored at mobile 
terminals. Another advantage of the method according to the invention is that mobile terminals 
using incompatible security algorithms and/or security layer protocols can communicate with 
each other with the connection security provided [column 3, lines 50-61]. 

As to claim 21, the examiner asserts that it is obvious that a proxy includes means for 
providing transcoding services on behalf of the client. 

As to claim 22, the examiner asserts that it is obvious that the proxy includes means for 
providing encryption/decryption services on behalf of the client. 

As to claim 23, the examiner asserts that it is inherent that the proxy includes means for 
providing caching services on behalf of the client. 
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As to claim 24, the examiner asserts that it is obvious that the proxy includes means for 
providing monitoring services on behalf of the client. 

Allowable Subject Matter 

10. Claim 5 is objected to as being dependent upon a rejected base claim, but would be 
allowable if rewritten in independent form including all of the limitations of the base claim 
and any intervening claims* 

As to claim 5, prior art does not teach that the given service is selected from a set of 
services including transcoding, caching, encryption, decryption, monitoring, filtering and 
pre-fetching. 

11. Claims 10-19 are allowed. 

As per claim 10, prior art does not disclose the proxy using the session master secret and 
the session identifier to generate given cryptographic information that is useful for participating 
in the secure communication. 

As per claim 17, prior art does not disclose conducting a security handshake procedure 
between the client and the server to produce a session key and transmitting the session key to the 
proxy so that the proxy can participate in communications between the client and the server 
during the session. 

Any claims not addressed are allowed on the virtue of dependency. 
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Conclusion 



12. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 703-305-1373. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone numbers for the 
organization where this application or proceeding is assigned are 703-746-7239 for regular 
communications and 703-746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-1373. 

Aravind K. Moorthy x 



July 10, 2003 



AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




